pramod1
asked on
ACTIVE DIRECTORY, STORAGE
The problem is that there is a CIFS server which authenticates to AD. One day it was not authenticating to any DC in the site.
We just hard-coded it to 1 DC and a password mismatch occurred; we tried to reset it and it worked.
My question is: when hard-coding to 1 server a password mismatch occurred, but otherwise it was not giving a password mismatch when authenticating to all DCs before.
Attached is the RCA provided by the storage team, but I need to provide an RCA from the AD team.
Why was CIFS unable to authenticate users? Because CIFS servers rely on AD for user authentication.
Why was AD rejecting the CIFS server? Due to netlogon errors and a CIFS server account password mismatch.
Why netlogon and password mismatch errors? To be filled in by the AD team.
Note: NetApp has confirmed that the CIFS machine account password is saved in AD, which the storage admins don't have any control over from the filer end.
Root cause should be filled in by the AD team, since NetApp has confirmed that the CIFS machine account password is saved in AD.
AD.txt
There should have been failed logon attempts from the CIFS machine, resulting in account lockout. The AD team should probably set the password to NOT expire and log all password change requests.
ASKER
But what the storage team is telling: Root cause should be filled in by the AD team, since NetApp has confirmed that the CIFS machine account password is saved in AD, which we don't have any control over from the filer end.
The root cause is that the password for the account used by CIFS was changed without informing the Storage Team that the password was changed, and for them to update their logon details.
ASKER
So you mean the password was changed on the CIFS server and not in AD, but the CIFS machine account is in AD.
Check your security logs for event 4625 for when the CIFS started failing.
Someone changed the password either in AD or on the CIFS server.
If there is an event 4723 in the security log, then the password was changed in AD.
You have to coordinate password changes on service accounts.
ASKER
I don't see an event generated with ID 4723; that means when somebody changed the password on CIFS, the netlogon error occurred. But then my last question is: when hard-coding to 1 server it gave a prompt of password mismatch, whereas earlier it was just giving a netlogon error.
Thanks for the comments and for trying to help me.
AD replicates this information to all DCs, so the password should be exactly the same on DC1/DC2/DC3/DC4. The error message displayed on the CIFS server is OS dependent.
You may have to check ALL DCs for the security errors.
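The check suggested in the replies above (events 4625 and 4723 on every DC), as an added example that is not part of the original thread. It assumes the ActiveDirectory RSAT module, read access to each DC's Security log, and a placeholder computer account name `CIFSSRV01`; events 4724 and 4742 and the per-DC `PasswordLastSet` comparison are additions not mentioned by the posters.

```powershell
Import-Module ActiveDirectory            # assumption: RSAT AD module is installed

$Computer = 'CIFSSRV01'                  # placeholder: the filer's computer account
$Since    = (Get-Date).AddDays(-7)       # constructed window; set to the outage period
# 4625 and 4723 are named in the thread; 4724 (password reset attempt) and
# 4742 (computer account changed) are additions in this example.
$EventIds = 4625, 4723, 4724, 4742

$events = @(); $pwdState = @()
foreach ($dc in Get-ADDomainController -Filter *) {
    try {
        # Password timestamp for the account as this particular DC sees it
        $c = Get-ADComputer -Identity $Computer -Server $dc.HostName `
                 -Properties PasswordLastSet -ErrorAction Stop
        $pwdState += [pscustomobject]@{ DC = $dc.HostName; PasswordLastSet = $c.PasswordLastSet }

        $filter = @{ LogName = 'Security'; Id = $EventIds; StartTime = $Since }
        $events += Get-WinEvent -ComputerName $dc.HostName -FilterHashtable $filter -ErrorAction Stop |
            ForEach-Object {
                # Flatten the event's EventData name/value pairs into a hashtable
                $data = @{}
                foreach ($d in ([xml]$_.ToXml()).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
                # Keep only events that target the filer's machine account (name ends in $)
                if ($data['TargetUserName'] -eq "$Computer`$") {
                    [pscustomobject]@{
                        DC        = $dc.HostName
                        Time      = $_.TimeCreated
                        EventId   = $_.Id
                        Caller    = $data['SubjectUserName']
                        SourceIp  = $data['IpAddress']     # populated for 4625 only
                        Status    = $data['Status']        # failure code on 4625
                        SubStatus = $data['SubStatus']
                    }
                }
            }
    } catch {
        # Raised when a DC is unreachable or has no matching events in the window
        Write-Warning "$($dc.HostName): $($_.Exception.Message)"
    }
}

# DCs that disagree here had not converged on the same machine account password
$pwdState | Sort-Object DC | Format-Table -AutoSize
# Timeline of failures and password changes across all DCs
$events | Sort-Object Time | Format-Table -AutoSize
```

A difference in `PasswordLastSet` between DCs, or failures recorded on only some of them, points at which DC held the stale password when the filer was pinned to a single server.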
ASKER
My last question:
Since the error 4723 was not generated in AD,
and the password was changed on the CIFS server, which for some reason didn't replicate to all DCs, you mean?
What do you mean by "The error message displayed on the CIFS server is OS dependent"?